rubion 0.3.18 → 0.3.20
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/rubion/scanner.rb +33 -2
- data/lib/rubion/version.rb +1 -1
- data/lib/rubion.rb +25 -11
- metadata +2 -2
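--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2fb0ebd81ad4651b568178e9c0ecade87ca0de823ea8730cedb0bf32a1c41c18
+data.tar.gz: 3807db5d586bc7ec2637d83d10ca605b146a2dc60409ec4a91906a718c11ccc8
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: f7b31e95c34e450c7aee9cced6914576377a1340fb9d226f61b98aedc48d7e6f0e70928a126a20c57c28ea2513df154d9b4c64ea3d17d25b81f2401cabc1ba23
+data.tar.gz: 53ed7d0d3158c1899215c7bdbb1563bb4df79de68af08fba256a4943ae46edc44f96c7fcb53bedc7dfd5b8d498222222d6a0b62fe85266a2d1bdc19a78b5fd44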
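--- a/data/lib/rubion/scanner.rb
+++ b/data/lib/rubion/scanner.rb
@@ -20,13 +20,14 @@ module Rubion
 end
 end
 
-def initialize(project_path: Dir.pwd, package_manager: nil)
+def initialize(project_path: Dir.pwd, package_manager: nil, vulnerabilities_only: false)
 @project_path = project_path
 @result = ScanResult.new
 @package_manager = package_manager
 @package_manager_detected = false
 @direct_gems = nil
 @direct_packages = nil
+@vulnerabilities_only = vulnerabilities_only
 end
 
 def scan
@@ -51,7 +52,7 @@ module Rubion
 reporter = Reporter.new(@result, sort_by: options[:sort_by], sort_desc: options[:sort_desc],
 exclude_dependencies: options[:exclude_dependencies])
 reporter.print_gem_vulnerabilities
-reporter.print_gem_versions
+reporter.print_gem_versions unless options[:vulnerabilities_only]
 end
 
 # Then scan NPM packages (if enabled)
@@ -71,6 +72,9 @@ module Rubion
 # Check for vulnerabilities using bundler-audit
 check_gem_vulnerabilities
 
+# Skip version/outdated checks when only vulnerabilities are requested
+return if @vulnerabilities_only
+
 # Check for outdated versions using bundle outdated (will show progress)
 check_gem_versions
 end
@@ -93,6 +97,9 @@ module Rubion
 # Check for vulnerabilities using package manager audit
 check_npm_vulnerabilities
 
+# Skip version/outdated checks when only vulnerabilities are requested
+return if @vulnerabilities_only
+
 # Check for outdated versions using package manager outdated (will show progress)
 check_npm_versions
 end
@@ -172,6 +179,30 @@ module Rubion
 parse_npm_audit_output(data)
 end
 rescue JSON::ParserError => e
+# npm audit can emit human-readable errors plus a JSON error object when there is
+# no lockfile (ENOLOCK) or similar issues. Because we redirect stderr to stdout
+# (2>&1), the mixed output may not be valid JSON.
+if @package_manager == 'npm'
+json_start = stdout.index('{')
+json_end = stdout.rindex('}')
+
+if json_start && json_end && json_end > json_start
+json_str = stdout[json_start..json_end]
+
+begin
+error_data = JSON.parse(json_str)
+
+if error_data.is_a?(Hash) && error_data.dig('error', 'code') == 'ENOLOCK'
+puts "\n ℹ️ npm audit requires a package-lock.json. Skipping npm vulnerability check.\n"
+@result.package_vulnerabilities = []
+return
+end
+rescue JSON::ParserError
+# Fall through to the generic error below
+end
+end
+end
+
 raise "Failed to parse #{@package_manager} audit JSON output: #{e.message}. Raw output: #{stdout}"
 end
 end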
data/lib/rubion/version.rb
CHANGED
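--- a/data/lib/rubion.rb
+++ b/data/lib/rubion.rb
@@ -29,7 +29,14 @@ module Rubion
 
 def self.parse_scan_options(args)
 # Default to sorting by "Behind By(Time)" in descending order
-options = {
+options = {
+gems: true,
+packages: true,
+sort_by: 'Behind By(Time)',
+sort_desc: true,
+exclude_dependencies: false,
+vulnerabilities_only: false
+}
 
 # Check for --gems-only or --packages-only flags
 if args.include?('--gems-only') || args.include?('-g')
@@ -58,6 +65,9 @@ module Rubion
 # Parse --exclude-dependencies flag
 options[:exclude_dependencies] = true if args.include?('--exclude-dependencies')
 
+# Parse --vulnerabilities-only flag
+options[:vulnerabilities_only] = true if args.include?('--vulnerabilities-only') || args.include?('--vulns-only')
+
 options
 end
 
@@ -65,7 +75,7 @@ module Rubion
 exclude_dependencies: false })
 project_path = Dir.pwd
 
-scanner = Scanner.new(project_path: project_path)
+scanner = Scanner.new(project_path: project_path, vulnerabilities_only: options[:vulnerabilities_only])
 result = scanner.scan_incremental(options)
 
 # Results are already printed incrementally based on options
@@ -78,7 +88,7 @@ module Rubion
 reporter = Reporter.new(result, sort_by: options[:sort_by], sort_desc: options[:sort_desc],
 exclude_dependencies: options[:exclude_dependencies])
 reporter.print_package_vulnerabilities
-reporter.print_package_versions
+reporter.print_package_versions unless options[:vulnerabilities_only]
 end
 
 def self.print_help
@@ -92,14 +102,15 @@ module Rubion
 rubion help Display this help message
 
 SCAN OPTIONS:
---gems, --gem, -g
---packages, --npm, -p
---all, -a
---sort-by COLUMN, -s COLUMN
-
---asc, --ascending
---desc, --descending
---exclude-dependencies
+--gems, --gem, -g Scan only Ruby gems (skip NPM packages)
+--packages, --npm, -p Scan only NPM packages (skip Ruby gems)
+--all, -a Scan both gems and packages (default)
+--sort-by COLUMN, -s COLUMN Sort results by column (Name, Current, Date, Latest, Behind By(Time), Behind By(Versions))
+(default: "Behind By(Time)" in descending order)
+--asc, --ascending Sort in ascending order (use with --sort-by)
+--desc, --descending Sort in descending order (use with --sort-by, default)
+--exclude-dependencies Show only direct dependencies (from Gemfile/package.json)
+--vulnerabilities-only Show only vulnerability tables (hide version/outdated sections)
 
 DESCRIPTION:
 Rubion scans your project for:
@@ -142,6 +153,9 @@ module Rubion
 #{' '}
 # Show only direct dependencies
 rubion scan --exclude-dependencies
+#{' '}
+# Show only vulnerabilities (no version/outdated tables)
+rubion scan --vulnerabilities-only
 #{' '}
 # Get help
 rubion help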
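--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rubion
 version: !ruby/object:Gem::Version
-version: 0.3.
+version: 0.3.20
 platform: ruby
 authors:
 - bipashant
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-
+date: 2025-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: terminal-table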